extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2025-06-19 08:07:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Remove dead code from process_actions2() and make user/group actions work

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1518 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-07-30 22:33:46 +00:00
parent d05c60b1b7
commit 502a00cc26
3 changed files with 15 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
STABLE2/changelog.txt
View File

@ -44,3 +44,9 @@ Changes in 2.0.7
4) Correct handling of multiple 'blacklist' interfaces. 4) Correct handling of multiple 'blacklist' interfaces.
5) Add "0.0.0.0 RETURN" to nobogons. 5) Add "0.0.0.0 RETURN" to nobogons.
Changes in 2.0.8
1) Removed dead code from process_actions2()
2) Corrected read command in process_actions2() (userspec)

46
STABLE2/firewall
View File

@ -2863,47 +2863,6 @@ process_actions1() {
# process the associated action files. # process the associated action files.
# #
process_actions2() { process_actions2() {
#
# Process a rule where the source or destination is "all"
#
process_wildcard_rule() {
local yclients yservers ysourcezone ydestzone ypolicy
for yclients in $xclients; do
for yservers in $xservers; do
ysourcezone=${yclients%%:*}
ydestzone=${yservers%%:*}
if [ "${ysourcezone}" != "${ydestzone}" ] ; then
eval ypolicy=\$${ysourcezone}2${ydestzone}_policy
if [ "$ypolicy" != NONE ] ; then
process_action $xaction $xtarget $yclients $yservers $xprotocol $xports $xcports $xratelimit $xuserspec
fi
fi
done
done
}
do_it() {
expandv xclients xservers xprotocol xports xcports xratelimit xuserspec
if [ "x$xclients" = xall ]; then
xclients="$zones $FW"
if [ "x$xservers" = xall ]; then
xservers="$zones $FW"
fi
process_wildcard_rule
continue
fi
if [ "x$xservers" = xall ]; then
xservers="$zones $FW"
process_wildcard_rule
continue
fi
process_action $xaction $xtarget $xclients $xservers $xprotocol $xports $xcports $xratelimit $xuserspec
}
log_action() { log_action() {
[ "$COMMAND" != check ] && log_rule ${LOGNEWNOTSYN:-info} $1 $2 "" "" -p tcp ! --syn [ "$COMMAND" != check ] && log_rule ${LOGNEWNOTSYN:-info} $1 $2 "" "" -p tcp ! --syn
@ -2981,8 +2940,9 @@ process_actions2() {
fn=$(find_file $f) fn=$(find_file $f)
echo "Processing $fn..." echo "Processing $fn..."
while read xtarget xclients xservers xprotocol xports xcports xratelimit $xuserspec; do while read xtarget xclients xservers xprotocol xports xcports xratelimit xuserspec ; do
do_it expandv xtarget xclients xservers xprotocol xports xcports xratelimit xuserspec
process_action $xaction $xtarget $xclients $xservers $xprotocol $xports $xcports $xratelimit $xuserspec
done < $TMP_DIR/$f done < $TMP_DIR/$f
;; ;;
esac esac

7
STABLE2/releasenotes.txt
View File

@ -1,4 +1,4 @@
Shorewall 2.0.7 Shorewall 2.0.8
---------------------------------------------------------------------- ----------------------------------------------------------------------
Problems Corrected in version 2.0.4 Problems Corrected in version 2.0.4
@ -114,6 +114,11 @@ New Features in version 2.0.7
default via 192.168.1.254 dev br0 default via 192.168.1.254 dev br0
Table default: Table default:
-----------------------------------------------------------------------
Problems Corrected in version 2.0.8
1) User/group restricted rules now work in actions.